- 19 Oct, 2021 15 commits
-
-
Leszek Swirski authored
mjsunit/regress/regress-crbug-9161 had two spinlocks on an atomic: 1. WaitUntil(lock == kStageRunning) 2. WaitUntil(lock == kStageDone) But, in theory the worker updating the "lock" could progress all the way to kStageDone before the first loop manages to check the lock value again. We can make this more robust by checking: 1. WaitUntil(lock != kStageInit) 2. WaitUntil(lock == kStageDone) That way both loops check for _any_ state past the state they want to progress past. Bug: v8:11437 Change-Id: I5220e61070a305301c678928edb0925c04dae970 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3231339 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#77460}
-
Igor Sheludko authored
... by explicitly passing pointer compression cage base value to various IsXXX() and map() calls in order to avoid using incorrect auto-computed cage base value when applied to objects allocated in external code space. This CL also introduces IsCodeObject(HeapObject) predicate which checks the IS_EXECUTABLE bit in the page header's flags. Bug: v8:11880 Change-Id: Ib44398c3125392e46e939044a9bd27e09d7944d5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229368Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#77459}
-
Nico Hartmann authored
This CL adds support for BigInt.asIntN, the necessary operations and extensions of the compiler's type system to allow lowering of BigInts to word64 representations that are interpreted as signed 64 bit BigInts. Bug: v8:9407 Change-Id: Id4f1f45437c1caf94e01c7b4e063c2ae2386c88a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3198070 Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/main@{#77458}
-
Victor Gomes authored
We increment the size before enqueueing the next element. This guarantees that size > 0 when decrementing. Bug: v8:12325 Change-Id: Ida256d9b22a9dd5cacb21312f099ee7186e2ca53 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3231335 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#77457}
-
Milad Fa authored
A few of the changes added by https://crrev.com/c/3229379 are causing compilation errors on platforms without sparkplug. Change-Id: Ic6088b33ba910ae5a96881fa7609e30d35db5d8a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226548Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#77456}
-
Leszek Swirski authored
Disable --concurrent-inlining when v8_dict_property_const_tracking is enabled, since the latter doesn't support the former. Add statusfile variables to mark this as an incompatible flag, and otherwise disable it via flags. Change-Id: Ie2e7dac6f4a1ddc97e7e7f4d4d2c77e638e216a0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229565 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#77455}
-
Samuel Groß authored
Bug: v8:10391 Change-Id: Ia123d8034c4ade76c9843df5d947fdc4ee3d8e35 Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226337Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Samuel Groß <saelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#77454}
-
Benedikt Meurer authored
Previously having a `Symbol.toStringTag` property holding a string somewhere in the prototype chain would always take predence over trying to determine a reasonable name from the "constructor" (in case of subclassing). This would lead to confusing behavior when diagnosing objects in DevTools, for example ```js class A extends URLSearchParams {}; new A() ``` would show `URLSearchParam` as class name for the instance rather than `A`. With this CL, we change the lookup logic to explicitly check for `Symbol.toStringTag` and "constructor" along each step of the prototype chain (skipping the "constructor" for the leaf object) and pick the first one that yields a string (that is the function debug name in case of "constructor"). Fixed: chromium:980018 Change-Id: Ic920b4bae02f965bc383c711f8de89c0de55fcac Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3231078 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Kim-Anh Tran <kimanh@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> Cr-Commit-Position: refs/heads/main@{#77453}
-
Hans Wennborg authored
`a || b` only evaluates b if a is false. `a | b` always evaluates both a and b. If a and b are of type bool, `||` is usually what you want, so clang now warns on `|` where both arguments are of type bool. In this case the difference isn't important, but || is more conventional to express this Bug: chromium:1255745 Change-Id: I8fb090abc9863f7db8761bddb1440613a49bc84b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3231077 Auto-Submit: Hans Wennborg <hans@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#77452}
-
Peter Kasting authored
Bug: chromium:1203071 Change-Id: I32481d9918aa4a86510570dfb4997f7645f0df23 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226965 Auto-Submit: Peter Kasting <pkasting@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#77451}
-
QiuJi authored
Port the rest part of 9d3c9d47 The first part is at: https://chromium-review.googlesource.com/c/v8/v8/+/3212059 Bug: v8:7748 Change-Id: I8b39deec2eee35511f56e826d92bf52e32a81daf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226551Reviewed-by: Yahan Lu <yahan@iscas.ac.cn> Commit-Queue: Yahan Lu <yahan@iscas.ac.cn> Cr-Commit-Position: refs/heads/main@{#77450}
-
Victor Gomes authored
No-Try: true Bug: v8:12324 Change-Id: I4d8ea351b0aecaad704a0d0aa2e67eff4ce5eff0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226336 Auto-Submit: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#77449}
-
Dominik Inführ authored
This is a reland of 929b83fb This version of the CL also fixes initialization of the marking_barrier_ in the LocalHeap constructor. This CL also got rebased on Victor's CL in https://crrev.com/c/3229361. It added a code_space_allocator_ in LocalHeap which needs to be initialized a bit later on the main thread as well. Original change's description: > [heap] Attach to shared isolate after setting up main thread > > Attach to the shared isolate after the main thread was set up. Otherwise > it could happen that a shared GC initiated from another isolate might > see no threads are running and performs the safepoint operation in the > middle of isolate deserialization. > > We use DisallowSafepoints to check that the isolate doesn't join a > global safepoint before deserialization is complete. DisallowSafepoints > used to prevent only invocations of Safepoint() but was updated to > also prevent Park() and Unpark() invocations. Each state change could > cause the thread to reach a safepoint, which would allow a shared GC > to run. > > We now also DCHECK that every isolate has at least one local heap and > that shared collections aren't started before deserialization is > complete. > > Bug: v8:11708 > Change-Id: Iba3fb59dd951d5ee4fc9934158062287302fc279 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3221157 > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Shu-yu Guo <syg@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/main@{#77424} Bug: v8:11708 Change-Id: I7d44e4a5f76cc09092c2444cede10e9331222c1d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229361Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#77448}
-
Leszek Swirski authored
This is a reland of dca83ff7 Relanding without changes, looks like the bot that failed succeeded again before the revert landed (https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN/38915/overview) Original change's description: > [snapshot] Fix two stress_snapshot failures > > 1. Stress snapshot discards code on SFIs, which breaks flushing > invariants. Add --stress-snapshot to those invariants. > 2. Another test failing on IsScript, added it to the disabled list. > > Change-Id: Ic415923a9cc96d34b74f7450b29be99c1b53d077 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229375 > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Auto-Submit: Leszek Swirski <leszeks@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/main@{#77430} Change-Id: I18fd290c3794d90addc2a94765d57a3ee3ceab86 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229563 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#77447}
-
Yolanda Chen authored
Bug: v8:12228 Change-Id: I434b07e3d7a2e270dc7dd26950b9dd047eb46a56 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3219944Reviewed-by: Zhi An Ng <zhin@chromium.org> Commit-Queue: Yolanda Chen <yolanda.chen@intel.com> Cr-Commit-Position: refs/heads/main@{#77446}
-
- 18 Oct, 2021 25 commits
-
-
Michael Lippautz authored
Young generation collection requires that full GCs unmark before starting marking. Bug: v8:12324 Change-Id: Id6cc218057252cbf0664326126f34b07ac8ea247 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229570 Auto-Submit: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#77445}
-
Shu-yu Guo authored
[1] fixes the behavior of StaNamedOwnProperty to no longer do prototype lookups. This lets us revert [2] and go back to using the fast path in the clone spread object literal bytecode. The test case from [2] is kept. [1] https://chromium-review.googlesource.com/c/v8/v8/+/2795831 [2] https://chromium-review.googlesource.com/c/v8/v8/+/3178969 Bug: v8:9888, chromium:1251366 Change-Id: I9d2cb69b803c403f63365f55d27c4de20ff7dafb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3224666Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Patrick Thier <pthier@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#77444}
-
Ng Zhi An authored
No functionality change expected. Most scopes are renamed new_scope. Bug: v8:12244,v8:12245 Change-Id: I85d23b0ba6971f51b9bbfc1f3afeb89fb70f035e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3227268 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#77443}
-
Ng Zhi An authored
No functionality change expected. Most scopes are renamed new_scope or new_handle_scope. For some test cases the outer scope is renamed to outer_scope since there are multiple inner scopes. Bug: v8:12244,v8:12245 Change-Id: I85953617e54f2140fa88c593eb7c186b570fdd04 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3227266Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/main@{#77442}
-
Lei Zhang authored
Avoid generating switch statements with only a default case. Instead, when there are no instructions that can trap, simply have HasMemoryAccessMode() return false. This avoids a MSVC warning when doing a 32-bit build. To do this, remove empty TARGET_ARCH_OPCODE_WITH_MEMORY_ACCESS_MODE_LIST definitions from instruction-codes-$arch.h files. Change-Id: Ifed76eb9cbca169f30c188c1999e1e9be0b2c6aa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3224807Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org> Cr-Commit-Position: refs/heads/main@{#77441}
-
Michael Achenbach authored
This reverts commit ee50ba88. Reason for revert: builders purple Original change's description: > [infra] Split Linux arm sim lite CI builders > > Bug: v8:12253 > Change-Id: I9cb67901a5711f251baa411ff57d84fa2049562a > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3208029 > Reviewed-by: Michael Achenbach <machenbach@chromium.org> > Reviewed-by: Liviu Rau <liviurau@chromium.org> > Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> > Cr-Commit-Position: refs/heads/main@{#77439} Bug: v8:12253 Change-Id: Ifa77aead25746ce368b6207d9e1861b0006664bf No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229566 Auto-Submit: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#77440}
-
Al Muthanna Athamina authored
Bug: v8:12253 Change-Id: I9cb67901a5711f251baa411ff57d84fa2049562a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3208029Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Liviu Rau <liviurau@chromium.org> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Cr-Commit-Position: refs/heads/main@{#77439}
-
Maria Tîmbur authored
Change the logic behind GenerateOneOf so that not only ref_null would appear almost everytime. Increase the probability of other alternatives to appear as well. Change the name of GenerateOptRef to GenerateRef. Bug: v8:11954 Change-Id: I8bff1661c3d3a91105bca1ffa68e1e9b0b662240 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229367 Commit-Queue: Maria Tîmbur <mtimbur@google.com> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#77438}
-
Victor Gomes authored
This is a reland of 0c459ff5 Original change's description: > [baseline] Concurrent Sparkplug n-thread with synchronised queue > > Installation in the main thread. > Design doc: https://docs.google.com/document/d/1GmEiEt2VDmhY_Ag0PiIcGWKtvQupKgNcMZUvgpfQksk/edit?resourcekey=0-seYa-QJsx1ZbjelluPG1iQ > > Change-Id: Ifc6eccd44efdf377320c64cf9957c6060334e543 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3186831 > Commit-Queue: Victor Gomes <victorgomes@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> > Cr-Commit-Position: refs/heads/main@{#77431} Change-Id: I4ea8f3c026a0a448afcb16f57517ee75cedaf83f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229379 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#77437}
-
Leszek Swirski authored
The gdb DCHECK frame skipping automatically skips over all the abort etc. frames to get you to that DCHECK callsite you're actually looking for. However, this is annoying if you tried to call a function with a breakpoint from the gdb prompt; the frame skipping wold skip over your breakpoint back up to the failing DCHECK. Now, we abort the frame walk on dummy frames inserted by gdb execution. Change-Id: I2cf89ea9219374ad7c562c6eb13afe471038b033 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229376 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#77436}
-
Igor Sheludko authored
... by updating the checks for not_mapped_symbol root and using proper cage base values depending on the host object type. Bug: v8:11880 Change-Id: I28908cbb5b1023addaee248028661d480734e29c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3222760 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#77435}
-
Leszek Swirski authored
This reverts commit dca83ff7. Reason for revert: Speculative revert for https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN/38914/overview Original change's description: > [snapshot] Fix two stress_snapshot failures > > 1. Stress snapshot discards code on SFIs, which breaks flushing > invariants. Add --stress-snapshot to those invariants. > 2. Another test failing on IsScript, added it to the disabled list. > > Change-Id: Ic415923a9cc96d34b74f7450b29be99c1b53d077 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229375 > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Auto-Submit: Leszek Swirski <leszeks@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/main@{#77430} Change-Id: Ied1bd9e10389f361cd6e39a1c985ee134f098629 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229561 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Owners-Override: Leszek Swirski <leszeks@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#77434}
-
Leszek Swirski authored
This reverts commit 0c459ff5. Reason for revert: breaks build on M1 (where W^X flag is RO) https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac%20-%20arm64%20-%20release%20builder/6999/overview Original change's description: > [baseline] Concurrent Sparkplug n-thread with synchronised queue > > Installation in the main thread. > Design doc: https://docs.google.com/document/d/1GmEiEt2VDmhY_Ag0PiIcGWKtvQupKgNcMZUvgpfQksk/edit?resourcekey=0-seYa-QJsx1ZbjelluPG1iQ > > Change-Id: Ifc6eccd44efdf377320c64cf9957c6060334e543 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3186831 > Commit-Queue: Victor Gomes <victorgomes@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> > Cr-Commit-Position: refs/heads/main@{#77431} Change-Id: I45a952aacf0ad29ebb703a742fdc6da7b0b7c826 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229378 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Owners-Override: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#77433}
-
Michael Lippautz authored
GCC on x86 wants alignof(std::max_align_t) == 16 which is not supported by Oilpan. Stricter checks in MakeGarbageCollectedTraitBase::Allocate() cover problems per type. Bug: v8:12295 Change-Id: Icdd6517a2828280ed19279ca45004e26c99505a4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229372 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#77432}
-
Victor Gomes authored
Installation in the main thread. Design doc: https://docs.google.com/document/d/1GmEiEt2VDmhY_Ag0PiIcGWKtvQupKgNcMZUvgpfQksk/edit?resourcekey=0-seYa-QJsx1ZbjelluPG1iQ Change-Id: Ifc6eccd44efdf377320c64cf9957c6060334e543 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3186831 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#77431}
-
Leszek Swirski authored
1. Stress snapshot discards code on SFIs, which breaks flushing invariants. Add --stress-snapshot to those invariants. 2. Another test failing on IsScript, added it to the disabled list. Change-Id: Ic415923a9cc96d34b74f7450b29be99c1b53d077 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229375 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#77430}
-
Joyee Cheung authored
It was missing on the slow path before. Bug: chromium:1259902, chromium:1260746, v8:10793 Change-Id: I9ae5f9efd552754a725f624307dd7caaeacd496f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226541Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/main@{#77429}
-
Manos Koukoutos authored
This CL improves wasm inlining heuristics in Turbofan, for an average 8,5% performance improvement in selected benchmarks. Changes: - In WasmInliner::Reduce(), only collect inlining candidates into a priority queue, according to WasmInliner::LexicographicOrdering. Move actual inlining to Finalize(). - Remove the InlineFirstFew heuristic. Add two limits to inlining: Maximum relative size increase (reversely proportional to the function size), and absolute size increase. - Pass information about call frequency from liftoff-collected feedback to the WasmInliner though the wasm module. - Run wasm inlining along other optimizations in the pipeline. - Split inlining and speculative inlining tests. Bug: v8:7748, v8:12166 Change-Id: Iccee22093db765981889a24451fb458dfce1f1a6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3222764Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#77428}
-
Marja Hölttä authored
Bug: chromium:1260577 Change-Id: I8944f2f1dda22ab9a24e389a686c707deb5f18c4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3225936Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#77427}
-
Michael Lippautz authored
Change-Id: I2150c83eeb8939801aeed7e7bb0aec92f8f91733 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3227756 Auto-Submit: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#77426}
-
Nico Hartmann authored
This reverts commit 929b83fb. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/18725/overview Original change's description: > [heap] Attach to shared isolate after setting up main thread > > Attach to the shared isolate after the main thread was set up. Otherwise > it could happen that a shared GC initiated from another isolate might > see no threads are running and performs the safepoint operation in the > middle of isolate deserialization. > > We use DisallowSafepoints to check that the isolate doesn't join a > global safepoint before deserialization is complete. DisallowSafepoints > used to prevent only invocations of Safepoint() but was updated to > also prevent Park() and Unpark() invocations. Each state change could > cause the thread to reach a safepoint, which would allow a shared GC > to run. > > We now also DCHECK that every isolate has at least one local heap and > that shared collections aren't started before deserialization is > complete. > > Bug: v8:11708 > Change-Id: Iba3fb59dd951d5ee4fc9934158062287302fc279 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3221157 > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Shu-yu Guo <syg@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/main@{#77424} Bug: v8:11708 Change-Id: I0633150b6b40b297a335a39bf1a087ca93592e04 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3225937Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Owners-Override: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#77425}
-
Dominik Inführ authored
Attach to the shared isolate after the main thread was set up. Otherwise it could happen that a shared GC initiated from another isolate might see no threads are running and performs the safepoint operation in the middle of isolate deserialization. We use DisallowSafepoints to check that the isolate doesn't join a global safepoint before deserialization is complete. DisallowSafepoints used to prevent only invocations of Safepoint() but was updated to also prevent Park() and Unpark() invocations. Each state change could cause the thread to reach a safepoint, which would allow a shared GC to run. We now also DCHECK that every isolate has at least one local heap and that shared collections aren't started before deserialization is complete. Bug: v8:11708 Change-Id: Iba3fb59dd951d5ee4fc9934158062287302fc279 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3221157 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#77424}
-
Benedikt Meurer authored
Bug: none Change-Id: If62875a1f907ac33b6c6e6a894099a83bba71783 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3225935Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/main@{#77423}
-
Marja Hölttä authored
Functions affected: filter find findIndex findLast findLastIndex forEach reduce reduceRight Bug: v8:11111 Change-Id: Ifb40143e5b6ed4a3eb30cb25332e2387009e3274 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3205421 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#77422}
-
v8-ci-autoroll-builder authored
Rolling v8/third_party/google_benchmark/src: https://chromium.googlesource.com/external/github.com/google/benchmark/+log/0baacde..59bbc7f cmake: eliminate redundant `target_include_directories` (#1242) (Sergiu Deitsch) https://chromium.googlesource.com/external/github.com/google/benchmark/+/59bbc7f TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,mlippautz@chromium.org Change-Id: Ibab54099357ee194a92c0c076b3053868ea5e4cd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3228788Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#77421}
-